Security News > 2023 > December > US warns Iranian terrorist crew broke into 'multiple' US water facilities

US warns Iranian terrorist crew broke into 'multiple' US water facilities
2023-12-04 23:30

Iran-linked cyber thugs have exploited Israeli-made programmable logic controllers used in "Multiple" water systems and other operational technology environments at facilities across the US, according to multiple law enforcement agencies.

The gang did not need sophisticated tactics to run this attack: the joint advisory suggests Cyberav3ngers likely broke into US-based water facilities by using default passwords for internet-accessible PLCs. The alert was issued just days after CISA said it was investigating a cyberattack against a Pennsylvania water authority by the IRGC-backed crew, which forced operators to switch a pumping station to manual control.

The compromised system at the Municipal Water Authority of Aliquippa displayed a warning that the intruders would be targeting Israeli-made gear because of the ongoing Israel-Hamas war.

"We are tracking, at this time, a small number of impacted water utilities," Eric Goldstein, CISA executive assistant director for cybersecurity, told reporters on Monday.

Despite exploiting PLCs to gain access to the water and wastewater facilities, "We have seen no access to operational systems at these water facilities, nor have we seen any impact to the provision of safe drinking water," Goldstein added.

These include Haghjoyan, a group that emerged when the war began and initially targeted Israel before moving on to hack-and-leak operations and website defacements in the US. Another Iran-linked gang, CyberToufan Group, also said it targeted wholesaler Berkshire eSupply for using Israeli gear, and YareGomnam Team has claimed attacks on US pipeline, electrical systems and CCTV systems at American airports.


News URL

https://go.theregister.com/feed/www.theregister.com/2023/12/04/iran_terrorist_us_water_attacks/